<?php
(!defined('IN_SYSTEM') || !defined('ADMIN_PRE')) && exit('Access Denied!');
if(!ican("sysattachment")){
 msg('对不起，你没有权限执行本操作！');
}
$f = isset($_REQUEST['f'])?$_REQUEST['f']:'index';
if(!in_array($f,array('index','delete'))){
	exit('Access Denied!');
}
$m = new AttachmentModule;
$m->$f();
class AttachmentModule
{
	function index() {
		global $_G;
		$page = max(1, getGP('page','G','int'));
		$pagesize = 20;
		$offset = ($page - 1) * $pagesize;
		$wheresql = $orderby = '';
		$url = '?m=attachment';
		$year = getGP('year','G','int');
		$month = getGP('month','G','int');
		$day = getGP('day','G','int');
		if ($year > 0) {
			$format = '%Y';
			$date = $year;
			if ($month) {
				$format .= '%c';
				$date .= $month;
				if ($day) {
					$format .= '%e';
					$date .= $day;
				}
			}
			$wheresql .= " AND (from_unixtime(dateline,'$format') = '$date')";
			$url .= "&year={$year}&month={$month}&day={$day}";
		}
		if ($fileext = check_str(getGP('fileext','G'))) {
			$wheresql .= " AND fileext = '$fileext'";
			$url .= "&fileext={$fileext}";
		}
		if ( $thumb = getGP('thumb','G','int') ) {
			$wheresql .= " AND ".( $thumb == 1 ? "thumb <> ''" : "thumb = ''");
			$url .= "&thumb={$thumb}";
		}
		if ($keyword = getGP('keyword','G')) {
			$keyword = check_str($keyword);
			$wheresql .= " AND originalname LIKE '%$keyword%'";
			$url .= "&keyword=".rawurlencode($keyword);
		}
		if (getGP('id','G') == 'asc') {
			$orderby .= empty($orderby) ? 'fid asc' : ',fid asc'; 
			$url .= '&id=asc';
		}
		if (getGP('filesize','G')) {
			$o = getGP('filesize','G') == 'asc' ? 'asc' : 'desc'; 
			$orderby .= empty($orderby) ? 'filesize '.$o : ',filesize '.$o; 
			$url .= '&filesize='.$o;
		}
		if (getGP('downloads','G')) {
			$o = getGP('downloads','G') == 'asc' ? 'asc' : 'desc'; 
			$orderby .= empty($orderby) ? 'downloads '.$o : ',downloads '.$o; 
			$url .= '&downloads='.$o;
		}
		empty($orderby) && $orderby = 'fid DESC';
	
		$num = $_G['db']->result("SELECT COUNT(*) AS num FROM ".DB_PREFIX."files WHERE 1 $wheresql");
	
		$sql = "SELECT * FROM ".DB_PREFIX."files WHERE 1 $wheresql ORDER BY $orderby LIMIT $offset, $pagesize";
		$result = $_G['db']->fetch_all($sql);
	
		include admintemplate('attachment');
	}
	function delete(){
		global $_G;
		$idarr = getGP('id','P','array');
		foreach ($idarr as $id) {
			$file = $_G['db']->fetch_one_array("SELECT filepath,thumb FROM ".DB_PREFIX."files WHERE fid = ".intval($id));
			@unlink(BASE_ROOT.$file['filepath']);
			if ( !empty($file['thumb']) ) {
				@unlink(BASE_ROOT.$file['thumb']);
			}
			$_G['db']->query("DELETE FROM ".DB_PREFIX."files WHERE fid = ".intval($id));
		}
		msg('成功删除选中的附件');
	}
}

function get_fileext_options($selext = '') {
	global $_G;
	$html = '';
	$sql = "SELECT fileext FROM ".DB_PREFIX."files GROUP BY fileext";
	$query = $_G['db']->query($sql);
	while ($row = $_G['db']->fetch_array($query)) {
		$selstr = $selext == $row['fileext'] ? 'selected="selected"' : '';
		$html .= '<option vlaue="'.$row['fileext'].'" '.$selstr.'>'.$row['fileext'].'</option>';
	}
	return $html;
}

function get_date_options($year=0, $month=0, $day=0) {
	global $_G;
	$html = '';
	$sql = "SELECT MIN(dateline) AS mindate,MAX(dateline) AS maxdate FROM ".DB_PREFIX."files";
	$result = $_G['db']->fetch_one_array($sql);
	$minyear = gdate('Y',$result['mindate']);
	$minmonth = gdate('n',$result['mindate']);
	$maxyear = gdate('Y',$result['maxdate']);
	$maxmonth = gdate('n',$result['maxdate']);
	$html .= '<select name="year"><option value="">所有</option>';
	for($i=$minyear; $i<=$maxyear; $i++) {
		$selstr = $year == $i ? 'selected="selected"' : '';
		$html .= '<option value="'.$i.'" '.$selstr.'>'.$i.'</option>';
	}
	$html .= '</select>年';
	if ($minyear != $maxyear) {
		$minmonth = 1;
		$maxmonth = 12;
	}
	$html .= '<select name="month"><option value="">所有</option>';
	for($i=$minmonth; $i<=$maxmonth; $i++) {
		$selstr = $month == $i ? 'selected="selected"' : '';
		$html .= '<option value="'.$i.'" '.$selstr.'>'.$i.'</option>';
	}
	$html .= '</select>月';
	$html .= '<select name="day"><option value="">所有</option>';
	for($i=1; $i<=31; $i++) {
		$selstr = $day == $i ? 'selected="selected"' : '';
		$html .= '<option value="'.$i.'" '.$selstr.'>'.$i.'</option>';
	}
	$html .= '</select>日';
	return $html;
}
?>